It’s a good security practice to enforce password aging. This helps to prevent unauthorized system access using your credentials. Bad actors can obtain your credentials from a data dump from a previous attack on your network, or from another website or service you may have used. It’s important to note that you should never use common passwords and you should adopt the discipline of using a password management tool.

The logins.defs file

The file located at /etc/login.defs defines the default configuration for various account properties on your Linux system. Multiple user management commands such as “useradd” and others read defaults from this file.

For this example, we will add a few options to our login.defs file, which will enforce password aging.

Open your favorite editor (like vi) and drop the following lines at the bottom of the file:

PASS_MAX_DAYS 90
PASS_MIN_DAYS 7
PASS_WARN_AGE 7

The PASS_MAX_DAYS option sets the maximum time for a password to 90 days. After 90 days, the password is required to be changed. The second line, PASS_MIN_DAYS, sets the minimum days before a user can change the password again.

If you currently utilize password expiration that’s built in to Linux, you may have an account that’s locked out or about to be locked out. How would you check to see if a given user account is locked out?

To do this, use the chage command. This command can display information about when the password will expire as well as change the expiry time.

Checking the Expiry Information

To check the expiry information, use the chage command like this:

# chage -l username
Last password change : Aug 31, 2017
Password expires : never
Password inactive : never
Account expires : never
Minimum number of days between password change : 0
Maximum number of days between password change : 99999
Number of days of warning before password expires : 7

The output of chage shows us the last password change, when the password will expire and more.

Changing the Expiry Time

If you would like to set the expiry time of a given users password to “never”, use the following command:

# chage -M-1 username

To set a specific maximum days before the password is required to be changed, use the following command:

Overview

In this brief article I will discuss deploying a low latency kernel for Ubuntu Server 16.04 LTS. This kernel changes the timer frequency from the default 250Hz to 1000Hz. This kernel is also called the “soft real-time kernel” and is forked (and regularly updated) from the generic kernel source tree. This kernel can be useful for all applications that require very low latency response like Asterisk. In this document, I will also describe how to set the lowlatency kernel as the primary kernel, and make sure its update and reboot “proof”. It’s also important to note that this kernel is generally updated days after the generic stock kernel. There’s no need to custom-compile a kernel to achieve higher timer frequency. This approach also assures future kernel updates are quick and painless.

Update the APT Cache

We’re starting with a fresh system, so we should first update the APT cache for good measure.

# sudoapt-get update

Install the “linux-lowlatency” package

Use APT to install the “linux-lowlatency” package.

# sudoapt-get install linux-lowlatency

Obtain the “ubuntustudio-default-settings” package from the repository – STEP 1

First, let’s visit https://packages.ubuntu.com/. This step is a little less obvious. The package “ubuntustudio-default-settings” contains a file named “09_lowlatency”. This file is a GRUB configuration file we can use to assure our lowlatency kernel is booted first and assures it will stay that way.

Obtain the “ubuntustudio-default-settings” package from the repository – STEP 2

Search for “ubuntustudio-default-settings” in the search field. Make sure to select “Source package names” and your distribution. Then press “Search”.

Obtain the “ubuntustudio-default-settings” package from the repository – STEP 3

Click on the link named “ubuntustudio-default-settings” to the right of “Binary packages”.

This is a quick article showing how to uninstall McAfee Total Protection from Windows Home Server (WHS). The instructions were not readily available on McAfee’s website as they have removed the KB article “KB64958” from their site.

It’s quite common for a cPanel server to need a larger /tmp partition.

cPanel, by default, creates a loopback device that mounts to /tmp. The default size is only 512MB. This is quite small, especially for shared systems.

Reasons /tmp might become full:

MySQL operation or Repair requiring temporary space. Keep in mind the /tmp partition must be big enough to support the largest table size on your system. (8GB table would require 8+GB /tmp space)

PHP sessions consuming space in /tmp

Rogue scripts living in /tmp

To resize follow these steps:

** Note that this will stop MySQL and will cause service interruption. These commands will resize /tmp to 2GB. If you wish to resize to a greater or smaller size simply change 2048000 to your desired size in bytes.

Having worked in data centers for the last four years of my life I know that most servers are grossly under utilized. Burning the power to keep servers online that are utilized, on average, five to twenty percent.

Economics, the way they are today, constantly challenges us and pushes us to find new and creative ways to solve problems. Virtualization allows us to provide consolidation for under utilized servers and “pools” resources to allow systems to burst when they need it. Virtualization, in my opinion, is a very green initiative. In this article I will talk mainly about VMware based virtualization technologies.

Dynamic Resource Scheduler (DRS) – VMware technology provides the capability to VMotion servers from one physical system to another when extra resources are needed. DRS even weighs the “cost” of moving the machine to another host machine.

Capacity Planner – VMware also has utilities to help you plan your virtual environment based on your site’s resource needs. Simply install a utility and let it run for about 30 days. Once the utility has gathered enough data, you will be presented with suggestions

High Availability (HA) – VMware offers highly-available services. All of your systems will now have the added benefit of HA at the virtualization layer

Conclusion

If you can afford the initial expense, virtualization will save you money in cooling, power and equipment maintenance costs in the long run. I believe virtualization is a great tool to help reduce datacenter costs. Please remember there are things that should not be virtualized: large database servers, exchange servers and some application servers may be too disk intensive for your environment’s abilities. Consider keeping these systems as physical servers.

Ever heard someone use the term VM or VPS? About the only thing they have in common is the V in their name.

A VPS (commonly OpenVZ or Parallels Containers) is a Virtual Private Server and usually runs on what is referred to as a “host node” or the main hardware node. VPS systems allow you to dynamically adjust resources without a restart.

A VM (commonly VMware ESX) is a fully paravirtualized system which all hardware is also virtualized. Many operating systems seem to work the best with paravirtualized systems as the hardware is presented as regular physical hardware.

VMware Pro’s

Full Paravirtualazation

Virutualizes at the hardware level- most compatible

Flexibility

Industry Standard

Can run Windows/Linux/Suse/Novell/OSX all on the same host

VMware Con’s

Cannot dynamically scale resources, VM’s must be rebooted to apply new allocations

Slightly slower than software-level virtualization

Cost, expensive

Parallels Pro’s

OS level virtualization

Fast provisioning

Dynamic resource allocation, no reboots

Tighter control of space and inode allocations

Burstable RAM settings

Parallels Con’s

Only Linux or Windows VPS systems may exist on a single hardware node

Price, although cheaper than vmware, still pricey. OpenVZ is a safe free version.

Conclusion

There are many different solutions to virtualizing or “chopping” up the resources for a single, large host system. Our winner was Parallels for their ease of installation, dynamic resource allocation and faster performance. Also keep in mind that if you are virtualizing systems make sure to have a good backup plan and spare parts or on-site warranty. One large host system may provide 20-50 virtual systems. An outage is now multiplied by the systems you have running on top of your hardware node.